December 31, 2009

Social Networks Facing More Sophisticated Attacks

According to Web security company McAfee Labs, social networking sites will face an increase in complex and sophisticated hacks in 2010.

With the fear of new attacks on the rise, law enforcement is expected to up its game on cyber crime as well.

The increased use of applications found on Facebook and other services allows cyber criminals an easy way to attack users. They "will take advantage of friends trusting friends to click links they might otherwise treat cautiously," McAfee said.

McAfee also expected to see a rise in banking security threats and the use of "botnets", armies of infected computers used to spread malicious software (malware). In the 2010 Threat predictions report released on Tuesday, McAfee also states that with the rise of internet security risks and hacks, law enforcement will also increase the effectiveness it has for fighting cyber crime.

Microsoft products have been a popular target for hackers in the past due to their popularity, but McAfee is anticipating cyber criminals to go after Adobe software and the Google Chrome computer system in 2010 as well. These products will give hackers another way to easily target and prey on users. Furthermore, "based on the current trends, we expect that in 2010 Adobe product exploitation is likely to surpass that of Microsoft Office applications in the number of desktop PCs being attacked," it said.

Most hackers are expected to try to take advantage of the abundance of URL shortening services such as tinyurl.com. These shortening services now appear in communications everywhere, making it easier to mask the URLs that users are asked to click. This trick is the perfect route to direct users to websites that they would normally avoid visiting. "As users' expectations of their Web 2.0 services evolve, we expect to see many rogue services set up with the hidden purpose of capturing credentials and data," McAfee said.

Another vulnerable area will be e-mail usage. "Email is increasing in popularity as the preferred method for targeting attacks against individual users, corporations, and government institutions," McAfee said. Though these attacks were relatively few a number of years ago, "we now see many reports of successful assaults, both by criminals and for espionage, in which an email with an attachment or a link to a website is the attack vector," it said.

Botnets have become the worst nightmare for cyber-security professionals in the last six years. They are the essential infrastructure cyber criminals need to launch nearly every cyber attack out there. Law enforcement has made some progress fighting botnet crime. Due to the aggressive efforts to turn off these service providers that cater to the cyber criminal element, many botnet operations have brutally disrupted over the last few years, according to McAfee.